/*
 * igo: com.cctv.igo.security.service.AuthorizationSetupService.java Create On 2011-4-29 上午09:55:16 By Q-Wang
 * $Revision: 1.2 $
 */
package com.ctvit.framework.security.service;

import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;

import com.ctvit.framework.dao.Condition;
import com.ctvit.framework.security.common.SecurityQueries;
import com.ctvit.framework.security.domain.PermAuthzResource;
import com.ctvit.framework.security.domain.PermAuthzRole;
import com.ctvit.framework.service.BaseService;

/**
 * @author <a href="mailto:apeidou@gmail.com">Q-Wang</a>
 *
 */
public class AuthorizationService extends BaseService {

//	public void addUserToGroup(Long userId, Long groupId) {
//		UserGroup userGroup = new UserGroup(userId, groupId);
//		userGroup.setCreator(ContextHolder.getCurrentUserId());
//		userGroup.setCreateTimestamp(new Date());
//		genericDao.insertBySqlID(SecurityQueries.ADD_USER_TO_GROUP, userGroup);
//	}
//	public void removeUserFromGroup(Long userId, Long groupId) {
//		UserGroup userGroup = new UserGroup(userId, groupId);
//		genericDao.deleteBySqlID(SecurityQueries.REMOVE_USER_FROM_GROUP, userGroup);
//	}
//	public List<PermAuthzGroup> selectGroupByUser(Long userId) {
//		return genericDao.queryBySqlID(SecurityQueries.SELECT_GROUP_BY_USER, userId);
//	}
//
//
//	public void addRoleToGroup(Long roleId, Long groupId) {
//		GroupRole groupRole = new GroupRole(groupId, roleId);
//		groupRole.setCreator(ContextHolder.getCurrentUserId());
//		groupRole.setCreateTimestamp(new Date());
//		genericDao.insertBySqlID(SecurityQueries.ADD_ROLE_TO_GROUP, groupRole);
//	}
//	public void removeRoleFromGroup(Long roleId, Long groupId) {
//		GroupRole groupRole = new GroupRole(groupId, roleId);
//		genericDao.deleteBySqlID(SecurityQueries.REMOVE_ROLE_FROM_GROUP, groupRole);
//	}
//	public List<PermAuthzRole> selectRoleByGroup(Long groupId) {
//		return genericDao.queryBySqlID(SecurityQueries.SELECT_ROLE_BY_GROUP, groupId);
//	}
//	public List<PermAuthzGroup> selectGroupByRole(Long roleId) {
//		return genericDao.queryBySqlID(SecurityQueries.SELECT_GROUP_BY_ROLE, roleId);
//	}
//
//
//	public void addUserToRole(Long userId, Long roleId) {
//		UserRole userRole = new UserRole(userId, roleId);
//		genericDao.insertBySqlID(SecurityQueries.ADD_USER_TO_ROLE, userRole);
//	}
//	public void removeUserFromRole(Long userId, Long roleId) {
//		UserRole userRole = new UserRole(userId, roleId);
//		genericDao.deleteBySqlID(SecurityQueries.REMOVE_USER_FROM_ROLE, userRole);
//	}
//	public List<PermAuthzRole> selectRoleByUser(Long userId) {
//		return genericDao.queryBySqlID(SecurityQueries.SELECT_ROLE_BY_USER, userId);
//	}
//
	public List<PermAuthzRole> selectAllRoleByUser(Long userId) {
		return genericDao.queryBySqlID(SecurityQueries.SELECT_ALL_ROLE_BY_USER, userId);
	}
//
	public List<PermAuthzResource> selectResourceByRole(Long roleId) {
		return genericDao.queryBySqlID(SecurityQueries.SELECT_RESOURCE_BY_ROLE, roleId);
	}
//
//	public void removeResourceFromRole(Long resourceId, Long roleId) {
//		RoleResource roleResource = new RoleResource(roleId, resourceId);
//		genericDao.deleteBySqlID(SecurityQueries.REMOVE_RESOURCE_FROM_ROLE, roleResource);
//	}
//
//	public void addResourceToRole(Long resourceId, Long roleId) {
//		RoleResource roleResource = new RoleResource(roleId, resourceId);
//		roleResource.setCreator(ContextHolder.getCurrentUserId());
//		roleResource.setCreateTimestamp(new Date());
//		roleResource.setModifier(null);
//		roleResource.setModifyTimestamp(null);
//		genericDao.insertBySqlID(SecurityQueries.ADD_RESOURCE_TO_ROLE, roleResource);
//	}
//
//	public void updateRoleResource(RoleResource roleResource) {
//		roleResource.setModifier(ContextHolder.getCurrentUserId());
//		roleResource.setModifyTimestamp(new Date());
//		genericDao.updateBySqlID(SecurityQueries.UPDATE_ROLE_RESOURCE, roleResource);
//	}
//
//	public List<RoleResource> selectRoleResourceByRole(Long roleId) {
//		return genericDao.queryBySqlID(SecurityQueries.SELECT_ROLE_DETAILS_BY_ROLE, roleId);
//	}
//	public List<RoleResource> selectRoleResourceByResource(Long resourceId) {
//		return genericDao.queryBySqlID(SecurityQueries.SELECT_ROLE_DETAILS_BY_RESOURCE, resourceId);
//	}
//	public RoleResource selectRoleResource(Long roleId, Long resourceId) {
//		RoleResource roleResource = new RoleResource(roleId, resourceId);
//		List<RoleResource> results = genericDao.queryBySqlID(SecurityQueries.SELECT_ROLE_DETAILS, roleResource);
//		if (results.isEmpty()) {
//			return null;
//		}
//		return results.get(0);
//	}
//
//
//	public List<PermAuthnManager> selectManagerByRole(Long roleId) {
//		return genericDao.queryBySqlID(SecurityQueries.SELECT_MANAGER_BY_ROLE, roleId);
//	}
//	public List<PermAuthnManager> selectManagerByGroup(Long groupId) {
//		return genericDao.queryBySqlID(SecurityQueries.SELECT_MANAGER_BY_GROUP, groupId);
//	}


//	private static final Map<String, Collection<ConfigAttribute>> SECURITY_URL = new HashMap<String, Collection<ConfigAttribute>>();
//	private static final Set<ConfigAttribute> SECURITY_ATTRIBUTES = new HashSet<ConfigAttribute>();

	public Collection<ConfigAttribute> listAllConfigAttributes() {
		Set<ConfigAttribute> SECURITY_ATTRIBUTES= new HashSet<ConfigAttribute>();
		if (SECURITY_ATTRIBUTES.isEmpty()) {
			List<PermAuthzRole> roles = genericDao.getByCondition(PermAuthzRole.class, null, null);
			for (PermAuthzRole role:roles) {
				String definition = role.getDefinition();
				SecurityConfig config = new SecurityConfig(definition);
				SECURITY_ATTRIBUTES.add(config);
			}
		}
		return Collections.unmodifiableCollection(SECURITY_ATTRIBUTES);
	}
	public Map<String, Collection<ConfigAttribute>> loadAllConfigAttribute() {
		Map<String, Collection<ConfigAttribute>> SECURITY_URL = new HashMap<String, Collection<ConfigAttribute>>();
		if (SECURITY_URL.isEmpty()) {
			Condition condition = new Condition();
			condition.add("type","URL");
			List<PermAuthzResource> resources = genericDao.getByCondition(PermAuthzResource.class, condition, null);
			for (PermAuthzResource resource:resources) {
				List<PermAuthzRole> roles = genericDao.queryBySqlID(SecurityQueries.SELECT_ROLE_BY_RESOURCE, resource.getId());
				Set<ConfigAttribute> attributes = new HashSet<ConfigAttribute>();
				for (PermAuthzRole role:roles) {
					ConfigAttribute attribute = new SecurityConfig(role.getDefinition());
					attributes.add(attribute);
				}
				SECURITY_URL.put(resource.getDefinition(), attributes);
			}
		}
		return Collections.unmodifiableMap(SECURITY_URL);
	}
	private static  Map<String, ArrayList<String>> MY_RESOURCES = new HashMap<String, ArrayList<String>>();
	public boolean isAuthorizied(Long userId,String url){
		/*if (!MY_RESOURCES.containsKey(userId+"")){
			ArrayList<String> resouArrayList=new ArrayList<String>();
			List<PermAuthzRole> listRoles=selectAllRoleByUser(userId);
			for (PermAuthzRole permAuthzRole : listRoles) {
				List<PermAuthzResource> listResources=selectResourceByRole(permAuthzRole.getId());
				for (PermAuthzResource permAuthzResource : listResources) {
					resouArrayList.add(permAuthzResource.getDefinition());
				}
			}
			MY_RESOURCES.put(userId+"", resouArrayList);
		}
		for (String grantedUrl : MY_RESOURCES.get(userId+"")) {
			
			
			String path=url;
			try {
				URL uu = new URL(new URL("http://localhost/manage/"),url);
				path=uu.getPath();
			} catch (MalformedURLException e) {
			}
			
			if (path.startsWith(grantedUrl))
				return true;
		}*/
		return false;
	}
}
